OAuth2: make access token lifetime configurable #2956
Comments
|
Hi @reinkrul, can I raise a PR with enhancements for this issue if no one is assigned yet? I am looking to contribute to did based projects and this project looks quite interesting ! |
|
Hi @m-rit, thank you for your interest. I don't think this particular issue is interesting to work on if you want to learn about DIDs and contribute to their development (since it's got little to do with DIDs). But, we have another repo that's specifically meant for parsing DIDs, which has a issue which might be more interesting for you to solve: nuts-foundation/go-did#113 |
|
The lifetime might be related to the use-case. In that case it could be added to the policy definition file. We make some assumptions about the lifetime of access tokens in storage. These may have to be re-evaluated if the lifetime is configurable per use-case. |
This is now hardcoded for 15 minutes, should be configurable. Note that we chose to hide the existing config flag in the
authmodule, since it is v5-specific. If we decide to re-use it for the IAM APIs, we need to un-hide it.The text was updated successfully, but these errors were encountered: